Map AWS AI assets before GuardDuty AI findings hit your queue
AWS added AI Inventory to Security Hub and made GuardDuty AI Protection generally available, giving cloud security teams a native way to discover AI assets and detect Bedrock or SageMaker abuse.
Confirmed: AWS added two native AI-security controls on July 14, 2026. Security Hub now includes AI Inventory for organization-wide asset visibility, and GuardDuty AI Protection is generally available for Bedrock and SageMaker threat detection. Treat this as a cloud-security operations update, not a model launch: the value is finding AI workloads, mapping them to infrastructure, and catching abuse before the bill or incident queue exposes it.

What changed
AWS Security Hub AI Inventory now gives security teams a continuously updated view of AI assets and their posture across an AWS organization. AWS says the inventory covers managed AI services such as Amazon Bedrock, Bedrock AgentCore, and Amazon SageMaker through AWS Config, and can also identify self-hosted AI workloads through Amazon Inspector SBOM analysis.
GuardDuty AI Protection is now generally available for Amazon Bedrock and SageMaker. It looks for unusual model invocation patterns, cost harvesting attacks, and prompt injection attempts connected to Bedrock Guardrails. Findings flow into Security Hub so teams can connect AI-threat alerts to the asset, account, network, IAM role, and related infrastructure behind the workload.
Why this is early
The reliable first signal is AWS's own July 14 security announcement and the matching What's New entries. The independent confirmation comes from Constellation Research, which reported the same launch set: GuardDuty AI Protection generally available, AI Inventory generally available, AI-powered investigations in preview, and Azure monitoring added to Security Hub.
This is early in the operational sense. Many teams still do not have a complete AI asset register, especially when developers call external model APIs from EC2, Lambda, containers, or internal agents. Security Hub AI Inventory gives them a native AWS starting point, but every account still needs rollout checks.
Key takeaways
- Security Hub AI Inventory is generally available and included with Security Hub Essentials at no additional cost, according to AWS.
- GuardDuty AI Protection is generally available for GuardDuty customers and starts with a 30-day free trial.
- The main covered AWS AI services are Bedrock and SageMaker, with inventory coverage also touching Bedrock AgentCore and self-hosted models through Inspector analysis.
- GuardDuty AI Protection targets anomalous invocations, cost harvesting, and prompt injection signals tied to Bedrock Guardrails.
- AI-powered GuardDuty investigations are separate and still in preview in 10 AWS Regions.
| Feature | Best fit | Access/status | Caveat |
|---|---|---|---|
| Security Hub AI Inventory | Finding AI assets across AWS accounts | GA; included with Security Hub Essentials | Verify coverage for external model APIs and self-hosted stacks |
| GuardDuty AI Protection | Detecting Bedrock and SageMaker abuse | GA; GuardDuty customers, 30-day free trial | Check region support and pricing before broad enablement |
| AI-powered investigations | Faster GuardDuty triage | Preview in 10 AWS Regions | Do not treat preview summaries as final incident evidence |
| Azure monitoring in Security Hub | Cross-cloud posture view | AWS says Azure support is now available | Scope and pricing need tenant-level validation |
Availability and access
AWS says AI Inventory requires no new enablement when Security Hub Essentials is in place and is available in commercial Regions where Security Hub is offered. GuardDuty AI Protection can be enabled from the GuardDuty or Security Hub console and can be centrally enabled through AWS Organizations.
Pricing details still matter. GuardDuty AI Protection has a trial, then follows GuardDuty pricing. Security Hub AI Inventory is included with Essentials, but teams should confirm the cost of the underlying services that feed it, such as CloudTrail data events, Inspector coverage, Security Hub plan selection, and any multi-account aggregation choices.
Practical LinkLoot angle
Start with inventory, not alert tuning. List every Bedrock app, SageMaker endpoint, AgentCore workflow, self-hosted inference stack, and external model API call Security Hub can see. Then compare that list with finance, platform engineering, and data-science records. Any mismatch is a security gap.
Good first workflow:
- Turn on or validate Security Hub Essentials in a non-production organization unit.
- Check which AI assets appear from Bedrock, SageMaker, AgentCore, EC2, ECR, ECS, and EKS.
- Enable GuardDuty AI Protection in a controlled account and review expected finding volume.
- Build a runbook for cost harvesting: owner, IAM role, model endpoint, CloudTrail evidence, budget impact, and containment action.
- Add the process to your broader AI automation checklist. LinkLoot's guide to AI workflow automation is a useful companion: /guides/ai-workflow-automation.
What to verify before you act
- Confirm which AWS Regions support GuardDuty AI Protection and AI-powered investigations for your accounts.
- Check whether Security Hub Essentials is enabled where your AI workloads actually run.
- Review GuardDuty pricing after the 30-day trial, especially for high-volume Bedrock and SageMaker usage.
- Test whether self-hosted model discovery catches your actual inference stack: Ollama, vLLM, Hugging Face TGI, custom containers, or third-party APIs.
- Validate privacy, logging, and response workflows before routing prompt-injection or model-abuse findings into automated remediation.
Source check
Confirmed by: AWS Security Blog states that Security Hub now adds AI workload protection and Azure monitoring. AWS What's New confirms GuardDuty AI Protection for Bedrock and SageMaker, while a separate AWS What's New entry confirms Security Hub AI Inventory and its discovery methods.
Independent context: Constellation Research confirms the same launch package and separates what is generally available from what remains in preview. LinkLoot will treat region expansion, pricing changes, and GA status for AI-powered investigations as update triggers.
It is a Security Hub capability that discovers AI assets across AWS accounts and connects them to infrastructure and security findings.
